Security Issue with Kinsta Hosting - Support

Resolved Jeremy Stead
4 years, 7 months ago

Rank Math free

Hi guys, please see the email below from Kinsta Hosting.

These are the websites affected…
• ethicallymadconz
• thaimassage
• websites4electricians

Look Forward to your response.
Jeremy

We are writing you today to notify you about a security vulnerability which was discovered in the WordPress SEO Plugin – Rank Math plugin that was detected on one or more of your websites.

https://wpvulndb.com/vulnerabilities/10157

This plugin registered a REST-API endpoint, rankmath/v1/updateMeta, which failed to include a permission_callback used for capability checking. The endpoint called a function, update_metadata which could be used to update the slug on existing posts, or could be used to delete or update metadata for posts, comments, and terms. This endpoint also allowed for updating metadata for users. WordPress user permissions are stored in the usermeta table, which meant that an unauthenticated attacker could grant or revoke administrative privileges for any registered user.

This affects versions 1.0.40 and below.

We recommend updating this plugin immediately to the latest version.

The following is a list of affected sites we have determined that you currently have access to in MyKinsta.

• ethicallymadconz
• thaimassage
• suttonspas
• websites4electricians

This vulnerability may exist on both live and staging environments. We recommend that both are checked and updated.

If you have any questions, please feel free to reach out to our Support team.
Thank you for being a Kinsta customer!

Viewing 4 replies - 1 through 4 (of 4 total)

Michael Davis
4 years, 7 months ago

Rank Math pro

Hello,

Thank you for contacting Rank Math today.

The findings from the guys at Kinsta suggest that this vulnerability only seems to affect This affects versions 1.0.40 and below..

Please update to the latest version(v1.0.41.2) on all the affected domains to fix this.

Looking forward to helping you. Thank you.

Todd
4 years, 7 months ago

Rank Math free

Hello Jeremy,

We are extremely sorry that this happened. Please read here about the official apology statement and how we communicated to our users before the leak was available publicaly:

https://www.facebook.com/groups/rankmathseopluginwordpress/permalink/576571766548487/?comment_id=576580039880993

That being said, what you are facing now can be resolved easily, IF Rank Math is the reason. Keep Rank Math disabled and follow these steps:

0. Take a complete backup of your site
https://wordpress.org/support/article/wordpress-backups/

1. Update all your plugins and themes to the latest version.

1.1 Optionally, opt for an auto-update by following this tutorial:
https://rankmath.com/kb/version-control/#auto-update

2. Update WordPress to the latest version and reinstall it.

3. Please enable the Rank Math plugin and if you have Rank Math’s redirection module active then re-check if all the redirections are correct here:
https://i.rankmath.com/VoRdoK

If not, then please delete the ones you do not recognize

3.1 Please make sure there are no unauthorized users registered on your website.
/wp-admin/users.php
https://i.rankmath.com/lZ1I7Z

3.2 Check the menu items and the links inside them and remove any unwanted links:
https://i.rankmath.com/VRPtbB

4. Install a malware scanner like Sucuri or WordFence and run a scan for checking if there are any suspicious files on your server. If you find any, remove them all.

5. Follow these setup tutorials to confirm if the settings are correct:
https://youtu.be/dTvZuMRzW4w

and

https://www.wpmediamastery.com/rank-math-seo/?utm_campaign=Rank+Math

6. Optional: We would recommend using Cloudflare if not already

7. If that doesn’t help, your site could be hacked due to one of the plugins listed here
https://www.webarxsecurity.com/wordpress-vulnerability-news-march-2020/

8. In that case, please ask your hosting to run a malware scanner and remove any unwanted files from the server. Change the password of all the users on your website.

Change the salt keys on your website. Finally, follow these security measures:
https://mythemeshop.com/blog/wordpress-security-tips/

Please let us know how can we help you further. Again, we’re extremely sorry that this happened.

We are here to help. Thank you.

Jeremy Stead
4 years, 7 months ago

Rank Math free

Hi Guys, thanks for your response.

We are running Version 1.0.41.2

I take it this is fine as we aren’t getting any more warnings from Kinsta.

I ran a malware scan and found now issues.

Cheers
Jeremy

Michael Davis
4 years, 7 months ago

Rank Math pro

Hello,

We are super happy that this resolved your issue.

If you do have another question in the future, please feel free to create a new forum topic here https://support.rankmath.com, and it will be our pleasure to assist you again.

Thank you.

Viewing 4 replies - 1 through 4 (of 4 total)

The ticket ‘Security Issue with Kinsta Hosting’ is closed to new replies.